US cyber crime indictment prompts calls for zero tolerance

Growing problem for law and business

The hackers then made two million dollars from the email traffic directed to specific websites, according to a statement published by the US department of justice.

Canadian citizen David-Manuel Santos Da Silva of Montreal was charged with conspiracy to commit money laundering for helping Nguyen and Vu to generate revenue from the spam and launder the proceeds.

FBI agent J. Britt Johnson said large-scale and sophisticated international cyber hacking rings are becoming more problematic for both the law enforcement community and US businesses.

He said the federal indictments, apprehensions and extraditions in this case represents several years of work as the FBI and its cyber-trained agents and technical experts acted quickly to stop the ongoing damage to the numerous victim companies as a result of the individuals’ hacking activities. 

FBI's Netherlands operation

In August 2012, the FBI – with the assistance of its legal attachés stationed abroad and in conjunction with Dutch law enforcement officials – executed a search warrant in the Netherlands that disrupted continued compromises of those companies.

Vu was arrested in Netherlands in 2012 and extradited to the US in March 2014. On 3 February 2015, he pleaded guilty to conspiracy to commit computer fraud. He is scheduled to be sentenced on 21 April 2015.

Da Silva was arrested on 12 February 2015 and is scheduled to be arraigned on 14 March 2015 in Atlanta. Nguyen is still at large, according to The Toronto Star.

“This case again demonstrates the resolve of the Department of Justice to bring accused cyber hackers from overseas to face justice in the United States,” said assistant attorney General Caldwell.  

Resources for small data breaches

But Amichai Shulman, chief technology officer of security firm Imperva, said that, while this case showed that law enforcement agencies are able to point out specific individuals involved in specific acts of cyber crime, it also raises the question of why it takes a massive data breach to blow up in public for that to happen.

“My personal belief is that, if enough resources are put up against small breaches as well as large breaches in what symbolises a zero tolerance policy against cyber violation, we’d see the number of attacks decrease significantly over a short period of time,” he said.

Mark James, security specialist at security firm Eset, said he hoped the case will turn out a success and will lead to many more successful cases showing that the fight against cyber crime is not always a losing battle.

UK police arrest 57

Last week, UK police arrested 57 cyber crime suspects in 25 separate operations co-ordinated by the National Crime Agency (NCA).

The arrests relate to a range of cyber crimes, including network intrusion and data theft from multinational companies and government agencies, distributed denial of service (DDoS) attacks, cyber-enabled fraud and malware development.

“Criminals need to realise that committing crime online will not make them anonymous to law enforcement,” said Andy Archibald, deputy director of the NCA’s National Cyber Crime Unit (NCCU).

“We are continuously working to track down and apprehend those seeking to utilise computers for criminal ends, and to disrupt the technical networks and infrastructures supporting international cyber crime.”